The whale. I first heard someone tell the story in 1991 or 92, and eventually tracked the video down. But it's what You tube was invented for. I know it by heart now, and it still makes me cry with laughter.

But since I started that my view of You tube has changed. And it's because of a worry I have had for some time about their owners (Google) : what happens to the information they gather ?

Now, since Google is a competitor of ours I should say that I think it is naïve to automatically trust any large organization with your information. There might be a paranoid streak to this* but it is no more than the data protection principles on which the Data Protection Act is based; these say that personal data should be gathered for a purpose (not speculatively), the details gathered should not be excessive in relation to that purpose, and the data should not be kept for longer than is necessary for that purpose. So in any transaction with Microsoft, Google, Tesco, the Government etc I think people should ask:

What am I disclosing here ? and to Whom ?

What will they do with the information ? Will they disclose it to anyone else ?

When will they delete it ?

Do I trust them to do only what I have approved ?

When you fill a form in it should be possible to know what the organization concerned will do with the data.Inside Microsoft "only doing what we said we'd do" is stuck to pretty rigorously, so I can't e-mail everyone who came to a presentation because they didn't consent to that when they signed up for. That can be a pain for us at times. If is collected by logging what you've bought, or where you have gone in the physical or on-line world things get harder. I don't advocate the use of Passport Windows-Live ID: a single sign-on for Microsoft Services is all well and good: but I hate the idea of one system knowing every web site I log on to. That's why I find an idea like Phorm insidious: it tracks every site used, whether the reader logs on not.

Speculative collection of personal data gets my paranoia going. I've yet to see a justification for Government to put every citizen into a facial recognition database (part the of ID card scheme). In a country where we have 1 CCTV camera for every 14 people, adding facial recognition to say exactly who has been where, and when seems a step too far down the primrose path. And whilst that hasn't come to pass (yet) our cars are routinely identified by Automated Number Plate Recognition (ANPR) cameras. ANPR is finding a lot of uses, including the "Specs" average speed camera system. I'm all for Specs if it saves lives of Road maintenance workers (the evidence isn't conclusive). But it shouldn't erode civil liberties in the process. Passing through a set of "Specs" speed cameras last week, I remarked to my passenger that vehicle details go into a database but ordinary citizens have no idea who keeps the data, for how long, and how it can be used - if we are aware that data on what we do is being collected at all**.

Which brings me back to YouTube. Informed users know their PC has an address, and that servers keep logs. It's fine for Google (or anyone else) to use anonymous data from these logs for statistical purposes - you'd expect them to know most popular search terms, broken down every which way or to know the most popular videos on YouTube - but they have faced some justifiable criticism for keeping the data personal. It gets unsettling if they show everything you ever searched for. And if they hand over everything you ever watched to a third party that's just plain wrong.

Now... the copy of Baz Luhrmann's video that Eileen linked to is not the only one on YouTube. I've no idea if it was uploaded with the consent of Baz Luhrmann or if it is flagrant breach of copyright. The copy at http://www.youtube.com/watch?v=sTJ7AzBIJoI was obviously recorded from VH1 - one of the stations owned by Viacom (who own Paramount, Comedy Central, Nickelodeon, and are best known for MTV). Viacom, not surprisingly, isn't too happy that people have been recording stuff from its stations and posting it on youTube; where Google, not Viacom gets the advertising money from, say, South park. So Viacom responded the American way: they sued. And won. And the judge ruled that Google must hand over the entire log. Just hang on a minute... that's exactly what I described as "Just plain wrong". They get the log of what every member has uploaded or watched while signed in. And to tell what has been watched from any given IP address. Even if the uploader and viewer were located outside the jurisdiction of the court, and even if the content has nothing to do with Viacom. If you follow the link to the story you can see that Google say they are "disappointed the court granted Viacom's over-reaching demand for viewing history." But who kept the history ?

* You know what happens to paranoid people ? They survive !. (See Andy Grove)

** This Document from the Association of Chief Police Officers covers the data protection act and Human rights act aspects of ANPR, and says signs should be posted saying who is operating cameras and why. Every seen one ? Me neither.

Just a point - CCTV notices _are_ actually pretty prevalent, internal ones at least. It's just no-one ever notices ;) Next time you go into a McDonalds or similar, have a look - there should be a sticker on the door.

Most CCTV systems come with a set of sticky-backed labels for this purpose.

Sure. We have them for our cameras here at Microsoft. But, ACPO say they should put up signs to go with their ANPR cameras, I've never seen a sign which says "these cameras are operated by Anyshire Constabulary in order to ...."

Sam Miller

11 Jul 2008 3:10 AM

I want something useful to happen to the information that people collect on the net. I have been freely providing accurate information about my demographics on all sorts of sites since the inception of the internet. Yet have to receive something that is useful. Perhaps a mailer on a new book in history (my passion) or something about blues (my other passion). Nope.

www.walkersresearch.com

Avradeep

11 Jul 2008 8:23 AM

Hello

I am pretty much interested in Phorm but it being a third party won't the system block it?

Avradeep, not sure which system you're expecting to block Phorm, but it is designed to co-operate with a layer at the ISP so it doesn't get blocked.

Sam. Live in hope I guess. The cynic in me says that info is useful to the people collecting it, but nothing accrues to people providing it.

P J Bryant

23 Jul 2008 10:30 PM

I think you'll find ACPO will hide behind this exemption:

"The use of information signs where ANPR technology is deployed must always be a consideration. However, the Data Protection Act provides an exemption to this requirement where the provision of such information would involve a disproportionate effort e.g. the use of ANPR from a patrolling vehicle or where the use of signs would frustrate the purpose of the operation."

Given the idea is to catch criminals, i guess PC Plod will decide that the signs will cause the crooks to turn round and find another route, and therefore not be caught.